using System;
using System.Data;
using System.Data.SqlClient;
using PointOfSale.Global;
using System.Windows.Forms;

namespace PointOfSale.Class
{
	public class clsUser
	{
		//Khai bao cac thuoc tinh o day
		private int userId;
		private string userName;
		private string userFullName;
		private String password;
		private int departmentId;
		private bool priority;

		#region Properties.
		public int UserId
		{
			get
			{
				return userId;
			}
			set
			{
				userId = value;
			}
		
		}
		public string UserName
		{
			get
			{
				return userName;
			}
			set
			{
				userName = value;
			}
		
		}
		public string UserFullName
		{
			get
			{
				return userFullName;
			}
			set
			{
				userFullName = value;
			}
		
		}
		public string PassWord
		{
			get
			{
				return password;
			}
			set{
				password = value;
			}
		}
		public int DepartmentId
		{
			get
			{
				return departmentId;
			}
			set
			{
				departmentId = value;
			}
		}
		public bool Priority
		{
			get
			{
				return priority;
			}
			set
			{
				priority = value;
			}
		}
		#endregion

		public void Add()
		{
			try
			{
				string InsertCommand = "INSERT INTO tblUser(UserName, UserFullName, Password, DepartmentId, Privilige) VALUES(@_UserName, @_UserFullName, @_PassWord, @_DepartmentId, @_Priority)";
				SqlCommand _sqlCommand = new SqlCommand(InsertCommand , clsGlobal.g_DataConn);
				_sqlCommand.Parameters.Add("@_UserName", System.Data.SqlDbType.NVarChar, 255);
				_sqlCommand.Parameters.Add("@_UserFullName", System.Data.SqlDbType.NVarChar, 255);
				_sqlCommand.Parameters.Add("@_PassWord", System.Data.SqlDbType.NVarChar, 255);
				_sqlCommand.Parameters.Add("@_DepartmentId", System.Data.SqlDbType.Int, 4);
				_sqlCommand.Parameters.Add("@_Priority", System.Data.SqlDbType.Bit, 1);
				_sqlCommand.Parameters["@_UserName"].Value = userName;
				_sqlCommand.Parameters["@_UserFullName"].Value = userFullName;
				_sqlCommand.Parameters["@_PassWord"].Value = password;
				_sqlCommand.Parameters["@_DepartmentId"].Value = departmentId;
                _sqlCommand.Parameters["@_Priority"].Value = priority;
				_sqlCommand.ExecuteNonQuery();
			}
			catch(Exception ex)
			{
				MessageBox.Show(ex.ToString());
			}
		}

		public static void Delete(int userId)
		{
			string DeleteCommand = "DELETE FROM tblUser WHERE   @UserId  = UserId";
			SqlCommand _sqlCommand = new SqlCommand (DeleteCommand, clsGlobal.g_DataConn );
			_sqlCommand.Parameters.Add ("@UserId",	System.Data .SqlDbType.Int ,4);
			_sqlCommand.Parameters ["@UserId"].Value = userId;
			_sqlCommand.ExecuteNonQuery ();
		}
		public void UpdateUser(int intUserId)
		{
			string UpdateCommand = "UPDATE tblUser  SET UserName = '" + userName + "'"
			 + ", UserFullName = '" + userFullName + "'"
			 + ", DepartmentId = " + departmentId + ", Privilige = " + (priority ? 1 : 0)+" WHERE UserId = " + userId;

			SqlCommand _sqlCommand = new SqlCommand(UpdateCommand, clsGlobal.g_DataConn);
			_sqlCommand.ExecuteNonQuery();
		}

		public void ChangePassword()
		{
			string updateCommand = "update tblUser set password = '" + password + "' "
				+ " where userId = " + clsGlobal.g_UserId;
			SqlCommand _sqlCommand = new SqlCommand(updateCommand, clsGlobal.g_DataConn);
			_sqlCommand.ExecuteNonQuery();
		}


		private string encryptString(string strToEncrypt)
		{
			System.Text.UTF8Encoding ue = new System.Text.UTF8Encoding();
			byte[] bytes = ue.GetBytes(strToEncrypt);
  
			// encrypt bytes
			System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
			byte[] hashBytes = md5.ComputeHash(bytes);
  
			// Convert the encrypted bytes back to a string (base 16)
			string hashString = "";
  
			for(int i=0;i<hashBytes.Length;i++)
			{
				hashString += Convert.ToString(hashBytes[i],16).PadLeft(2,'0');
			}
  
			return hashString.PadLeft(32,'0');
		}
		
				
		public clsUser()
		{
			userName = "";
			userFullName = "";
			password = "";
			departmentId = 0;
			priority = false;
		}
		public static DataTable DayReport(int userId, String dayreport)
		{
			//DateTime dr = Convert.ToDateTime(dayreport);
			String strSelect = "SELECT PaidAmount, PostAmount, InvoiceAmount FROM tblSale WHERE UserId = " + userId + " AND datediff(day,InvoiceDate,'" + Convert.ToDateTime(dayreport).ToString("MMM dd yyyy") + "') =0";
			DataTable dt = clsDatabase.GetDataToTable(strSelect, clsGlobal.g_DataConn);
			return dt;
		}
		public static SqlDataReader GetAllDataToDataReader()
		{
			String strSelect = "SELECT *  FROM tblUser, tblDepartment WHERE tblUser.DepartmentId = tblDepartment.DepartmentId ORDER BY UserName";
			return clsDatabase.GetDataToDataReader(strSelect, clsGlobal.g_DataConn);
		}
		public static string GetUserName(int userId)
		{
			string sc = "select userFullName from tblUser where userId = " + userId;
			DataTable dt = clsDatabase.GetDataToTable(sc, clsGlobal.g_DataConn);
			return Convert.ToString(dt.Rows[0]["userFullName"]);
		}
	}
}
